Article Preview
Top1. Introduction
The Architecture of Service Components (SCA) framework offers a component-based model with a consistency, design and efficiency approach to loose coupling, (Service Component Architecture. https://www.osoa.org/display/Main/Home). A SCA part has two types of interfaces, interfaces supported and demanded. These are used for the incorporation of the service into other components and inter-service event based communication.
Component construction takes place by service interface and reference wiring. Design (Development of Individual Components), Structure (Composition of Components into Systems) and Assembly (Structure of Composite Services or Service Networks) are the key elements of SCA that provide design stability to shape structure of components and service networks.
The event-based communication model is being used more and more commonly for the development of loosely connected, distributed systems for many different industry domains, such as composite applications based on SCA. The Event-based systems range from distributed sensor-based systems to Comprehensive business information services, OASIS Service Component Architecture / Assembly, SCA-Assembly (2018). Compared to synchronous communication using remote procedure calls (RPC), for example, event-based communication between components offers many advantages such as high scalability and extensibility, OASIS Service Component Architecture / Assembly, SCA-Assembly (2018). Being asynchronous in nature, it allows a send-and-forget approach, i.e., a component that sends a message can continue its execution without waiting for the recipient to respond to it. In addition, the loose coupling of components achieved through the mediating middleware framework leads to increased system modularity as components can be quickly added, removed or replaced.
The development of event-based system (EBS) has become one of the popular method in terms of service component architecture, there are number of reason such as the high quality pliability, scalability and quality to being able to adjust properties of new condition. The communication system makes such advantages— implied invocation and inferred competition between components. The event management is non-determinism on the base of coordination structure in event management that is possibly cause to produce relatively inborn vulnerabilities in a process of event attack.
In composite application functionality, the Event Attacks are mostly some different type of attacks, which by manipulating the event-based communication model of the system. This can misuse, trigger and affect a target model. The Event Attacks are harder to prevent because they are treated in a way that is not different from typical normal conditions in event-based communication.
There is extensive use of event-based systems that are introduced utilise the MOM frameworks. Various types of MOM frameworks including Prism-MW, Java Message System, Java Message Service (JMS), (2016), introduce these and Carzaniga, Rosenblum, & Wolf, (2001), in applications such as web based applications or service oriented architecture-driven systems. EBSs have become popular because of its high versatility, scalability and adaptability. Such benefits are allowed by relying on component call by invoking implicitly and implied competition. In a particularly case specifically, components in event-based systems possibly not be aware of the events they publish by customers or they may not necessarily know producers.
In service component based composite application the communication method, however, it is consist on non-deterministic in the handling of events, which may introduce inherent vulnerabilities in a system called event attacks. For instance, developers can create EBSs using externally developing malicious code components and users can use malicious code component EBSs. In those instances, malicious components may cause unintended behaviour, such as by sweeping events in order to obtain unauthorized information or by manipulating data in events to compromise the functionality of the event-based system.